I'm currently trying out tRAID, and I was a bit shocked to see that such critical software would default to listen to "just anyone".After all, our data is the most valuable part of our computer setups, or we wouldn't be here? ;-)

I found that at least the broker part can be told to listen on specific IPs by setting a parameter and can thus be sandboxed to the local machine.However, the web UI does not seem to offer such a feature. I can move it to a more obscure port than 8080, or firewall it, but the proper solution would be to not listen on all interfaces.For people who are not behind NAT routers, that, after all, means that the web UI, with a really easy default password, is accessible from the internet, if not firewalled. :O

Could support for an -ip parameter be implemented for the web UI service as well?Or maybe even a way to control it from the UI - doesn't have to be complex, even a simple toggle between "local only" (localhost only) vs. "reachable over network" (current state) would be a huge improvement.

Ah, interesting approach - but sadly, it doesn't seem to have any effect. :\I also tried adding -Djetty.host=127.0.0.1 to the service command line, but I guess that only really works when calling Java directly with java -jar foo.jar -Dbar=baz.